How about using a 3rd party firewall (like Comodo) instead? Not a single exe has internet access if it doesn't have an "allow rule".
Well effectively the VM running OpenBSD is a glorified firewall. Ironically, even though it is running a full OS, I find it functions faster than Comodo which always caused startup times to increase substantially and made my computer feel sluggish. I am just not a fan of 3rd party firewalls. But yeah, if you can find a 3rd party one you like, it should do the trick. It is just the inbuilt one provided by Windows 10 that is defective because apps can change the rules at will when they are installed. I don't think that sandboxie will prevent Windows 10 itself and its Apps from being able to access the internet at random times, only individual applications I manually run with sandboxie.
You're right it won't. OTOH WFC (Windows Firewall Control) would do the job easily though. WFC has a feature under Options called Secure rules which automatically deletes unauthorized rules created by programs other than Windows Firewall Control. Remember WFC is a front-end for native WF so your computer will show no sluggishness.
Yeah, this looks like quite a decent piece of software. I might have to give this a shot next time I set up an environment. Cheers
Actually I decided rather than installing that firewall software (closed source and all ), to just knock up a simple script. Turns out the solution to my problem was that a certain part of the registry can be set to read-only which breaks AFAIK all cases of software adding their own sneaky firewall rules. Basically when run as admin with the "lock" parameter, it sets the rules registry key as read-only. The "unlock" parameter will then undo that change so the windows firewall can be modified again. Code: using System; using System.Security; using System.Security.Principal; using System.Security.AccessControl; using System.Text; using Microsoft.Win32; namespace LockFirewall { class Program { static void Main(string[] args) { if (args.Length <= 0) { Console.WriteLine("No option specified"); Environment.Exit(1); } string keyUrl = "SYSTEM\\CurrentControlSet\\services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules"; RegistryKey rk = Registry.LocalMachine.OpenSubKey(keyUrl, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.ChangePermissions | RegistryRights.ReadKey); if (rk == null) { throw new Exception("Failed to open key"); } if (args[0] == "unlock") { Console.WriteLine("Enabling write"); RegistrySecurity rs = new RegistrySecurity(); rs.PurgeAccessRules(new NTAccount("Everyone")); rk.SetAccessControl(rs); } else if (args[0] == "lock") { Console.WriteLine("Disabling write"); RegistrySecurity rs = new RegistrySecurity(); rs.AddAccessRule(new RegistryAccessRule("Everyone", RegistryRights.SetValue | RegistryRights.CreateSubKey, InheritanceFlags.None, PropagationFlags.None, AccessControlType.Deny)); rk.SetAccessControl(rs); } else { Console.WriteLine("Invalid option specified"); Environment.Exit(1); } } } } Hope this helps someone
Sorry to say, but to fully block Windows 10 you need to pull the cable. Nobody knows how many backdoors Microsoft has build in to be able to send the stuff they want. ;-)
I don't know the answer to all the spyware, but you must know that all those people who receive the phone calls from your computer must share, so if only one call gets out, your waist size is out there, and by trying to stop some of the calls out, you uninstall things, turn services off. Well if that means you sleep better, (but really, do you not think MS does not know what we do), in there updates they add more. You can't even run sfc /scannow if you have problems, remember one gets out, someone knows your shoe size, your ex-wife's names, what video's you watch, yup Santa going to know who the pervs are, I only watch Sports, lol. Windows used to be cool, fun and knowledgeable, now it seems money and spying is the new norm. I hate it, but the wind seems to be blowing that way, (Remember, if only one gets out) yes and phone calls too, I you forgot what you promised your wife, girlfriend, if your nice to the NSA, they may tell you.
Heh, true. At least this stops some of the other software I have installed but don't trust. Adobe, Autodesk etc...
Yep.... that is the way it is, and we are at the beginning of this development. The markets are shrinking. People have understood, that neither Win10 nor iPhone 9 will give them anything new, that they actually want. Sales are on their way down. Only Advertisement is still making money, because it is not cash from the users. Hardware software... the markets will become smaller and smaller. Yahoo will not be the last ones to cut 15% employees. If it is any consolation, the whole world economy is crumbling too. Unless someone comes up with a completely new product for the mass market, as they did with computers in the eighties....